- Home /
- News /
- 2015 /
- February /
- NSA-GCHQ: The Great SIM Heist - How Spies Stole the Keys to the Encryption Castle
NSA-GCHQ: The Great SIM Heist - How Spies Stole the Keys to the Encryption Castle
21 February 2015
"AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.
"The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the worlds cellular communications, including both voice and data."
The article notes that "the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys... In effect, GCHQ clandestinely cyberstalked Gemalto employees, scouring their emails in an effort to find people who may have had access to the companys core networks and Ki-generating systems."
See the article:
The Great SIM Heist - How Spies Stole the Keys to the Encryption Castle (The Intercept, link)
Documents (pdfs):
CNE Access to Core Mobile Networks
UPDATED: 33 pages document replacing 24 pages one: PCS Harvesting at Scale (STRAP 1 document: STRAP 1, 2 & 3 are classified documents above TOP SECRET, SECRET, CONFIDENTIAL & RESTRICTED)
"Cyberstalking": DAPINO GAMMA CNE Presence Wiki - DAPINO GAMMA Gemalto Yuaawaa Wiki
See also: Google opposes plan to let FBI hack any computer in the world (The Telegraph, link)
And: European Lawmakers Demand Answers on Phone Key Theft (The Intercept, link): "The European Parliaments chief negotiator on the European Unions data protection law, Jan Philipp Albrecht, said the hack was obviously based on some illegal activities." Member states like the U.K. are frankly not respecting the [law of the] Netherlands and partner states, Albrecht told the Wall Street Journal."